This IP address has been reported a total of
53
times from
41 distinct
sources.
38.79.154.192 was first reported on
, and the most recent report was
.
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
CrowdSec: crowdsecurity/http-sensitive-files | req: ["/.git/config","/.env.development","/backend/.e ...
show moreCrowdSec: crowdsecurity/http-sensitive-files | req: ["/.git/config","/.env.development","/backend/.env","/api/.env","/.aws/credentials"] | UA: ["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Edg/146.0.3856.109","Mozilla/5.0 (Ma
show less
[redacted] 38.79.154.192 - - [06/Jul/2026:08:06:03 +0100] "GET /.env HTTP/1.1" 302 1544 0/45602 "-" ...
show more[redacted] 38.79.154.192 - - [06/Jul/2026:08:06:03 +0100] "GET /.env HTTP/1.1" 302 1544 0/45602 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Edg/146.0.3856.109" [redacted] 38.79.154.192 - - [06/Jul/2026:08:06:03 +0100] "GET /.[redacted] HTTP/1.1" 302 1544 0/45415 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36"
show less
Bad Web Bot
Web App Attack
Anonymous
IncogNET WAF local CrowdSec decision. Scenario=crowdsecurity/appsec-vpatch; Action=ban; Events=2; Co ...
show moreIncogNET WAF local CrowdSec decision. Scenario=crowdsecurity/appsec-vpatch; Action=ban; Events=2; Country=RO; ASN=43376 Dotro Telecom Srl
show less
Hacking
Anonymous
IncogNET WAF local CrowdSec decision. Scenario=crowdsecurity/http-sensitive-files; Action=ban; Event ...
show moreIncogNET WAF local CrowdSec decision. Scenario=crowdsecurity/http-sensitive-files; Action=ban; Events=5; Hosts=portal.incognet.io; Paths=/.aws/credentials,/.env,/.git/HEAD,/.git/config,/api/.env; Country=RO; ASN=43376 Dotro Telecom Srl
show less
CrowdSec: crowdsecurity/http-sensitive-files | req: ["/.git/HEAD","/.env","/api/.env","/.aws/credent ...
show moreCrowdSec: crowdsecurity/http-sensitive-files | req: ["/.git/HEAD","/.env","/api/.env","/.aws/credentials","/.git/config"] | UA: ["Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36","Mozilla/5.0 (Windows NT 10.0
show less
Hacking
Anonymous
38.79.154.192 - - [05/Jul/2026:23:08:36 +0200] "GET /.git/HEAD HTTP/1.1" 404 48089 "-" "Mozilla/5.0 ...
show more38.79.154.192 - - [05/Jul/2026:23:08:36 +0200] "GET /.git/HEAD HTTP/1.1" 404 48089 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36"
38.79.154.192 - - [05/Jul/2026:23:08:36 +0200] "GET /.git/HEAD HTTP/1.1" 404 10970 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36"
38.79.154.192 - - [05/Jul/2026:23:08:39 +0200] "GET /.env HTTP/1.1" 404 10970 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 15_7_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/26.0 Safari/605.1.15"
38.79.154.192 - - [05/Jul/2026:23:08:38 +0200] "GET /.env HTTP/1.1" 404 48089 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 15_7_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/26.0 Safari/605.1.15"
38.79.154.192 - - [05/Jul/2026:23:08:39 +0200] "GET /env HTTP/1.1" 404 48089 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 15_7_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/26.0 S
...
show less
(mod_security) mod_security (id:210492) triggered by 38.79.154.192 (RO/Romania/-): 5 in the last 300 ...
show more(mod_security) mod_security (id:210492) triggered by 38.79.154.192 (RO/Romania/-): 5 in the last 300 secs (CF_ENABLE)
show less